[WIP] Security Improvements

[Gegy]

This PR works on some security improvements:

• Disable editing of images if the allowEdit flag is false
• Allow URL whitelist config (syncs from server to client, operators can bypass)

Marked as WIP because I'm sure these features can be improved, and more can be implemented. The default whitelist can definitely be extended further. I'm still not sure whether the whitelist should be on by default or not. My current thought is that it should not be activated by default, because it shouldn't change any current functionality. Although, if not enabled by default it wouldn't be noticed, and it is quite important for public servers. Enabling it by default wouldn't break any existing worlds, though. The check is only performed when a URL is updated by a player. Feedback appreciated on this.

[CreativeMD]

Wow, you are really going for it. BTW I added you to the project on curseforge (hope that is okay).

Maybe add another yellow style (for the textfield) if the whitelist is disabled and a tooltip (public ArrayList<String> getTooltip()) hinting the player that there is a whitelist he could use. I might add it to IGCM as well.

Again, I'm really really thankful for all your help!!!

[Gegy]

Done. Not sure if this is what you meant, but I added a yellow warning when the whitelist is disabled and a tooltip for both disabled states.

[CreativeMD]

Yes indeed. Thank you very much. I will release a new version this day.